Description

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Remediation

References

CVE-2005-1245

Related Vulnerabilities

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2057)

Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)

WordPress Plugin Content Audit Multiple Vulnerabilities (1.9.1)

Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2019-18838)

MongoDb Missing Authorization Vulnerability (CVE-2024-6375)

Severity

Medium

Classification

CVE-2005-1245

Tags

Missing Update Known Vulnerabilities